# Copyright (c) 2007 bivio Software, Inc.  All Rights Reserved.
# $Id: otp.btest,v 1.18 2011/01/28 20:03:21 nagler Exp $

test_setup('PetShop');
home_page();
my($challenge) = qr{otp_md5\s+(\d+)\s+(\w+)};
test_deviance($challenge);
login_as('otp', '');
login_as('otp', 'password');
test_conformance();
my(@ch) = get_content() =~ $challenge;
my($ou) = test_use('ShellUtil.OTP');
test_deviance();
login_as('otp', $ou->six_word_key(@ch, $ou->NULL_PASSPHRASE));
test_conformance();
login_as('otp', $ou->six_word_key(@ch, 'password'));
do_logout();

#
# Test substitute user
#
home_page();
login_as('root');
visit_uri('/adm/su');
submit_form({
    email => 'otp',
});
follow_link('myaccount');
verify_text('otp@');
do_logout();
follow_link('logout');

#
# Test convert to OTP
#

home_page();
follow_link('sign.*in');
follow_link('new');
my($name) = 'otp_' . random_string();
my($email) = generate_local_email($name);
submit_form({
    email => $email,
    password => 'password',
    first => ucfirst($name),
    last => 'OTPTest',
});
follow_link('myaccount');
follow_link('convert');
my($new_key) = $ou->six_word_key(get_content() =~ $challenge, 'password');
test_deviance();
verify_text(my $dual_challenge = qr/Last OTP challenge.*New OTP challenge/is);
test_deviance('The password you entered does not match the value stored');
submit_form({
    current => 'badpassword',
    new => $new_key,
    confirm => $new_key,
});
test_deviance('must supply a value for New');
submit_form({
    current => 'password',
    new => '',
    confirm => $new_key,
});
test_deviance('You must supply a value for Confirm');
submit_form({
    current => 'password',
    new => $new_key,
    confirm => '',
});
test_deviance('do not match');
submit_form({
    current => 'password',
    new => $new_key,
    confirm => 'foofoo',
});
test_conformance();
submit_form({
    current => 'password',
    new => $new_key,
    confirm => $new_key,
});

#
# Test reset OTP
#
do_logout();
test_deviance($challenge);
login_as($email => '');
test_conformance();
login_as($email, $ou->six_word_key(get_content() =~ $challenge, 'password'));
follow_link('myaccount');
follow_link('reset');
verify_text($dual_challenge);
my($old_seq, $old_seed, $new_seq, $new_seed) =
    get_content() =~ /$challenge.*$challenge/s;

my($next_key) = $ou->six_word_key($old_seq, $old_seed, 'password');
$new_key = $ou->six_word_key($new_seq, $new_seed, 'password');
submit_form({
    current => $next_key,
    new => $new_key,
    confirm => $new_key,
});

#
# Test re-initialize sequence
#

get_uri() =~ m{.*/(.*)/account};
my($uid) = $1;
do_test_backdoor(OTP => "-user $uid reset_user 11 yourseed password");
do_logout();
home_page();
follow_link('sign.*in');
test_deviance('otp_md5 11 yourseed');
submit_form({
    email => $email,
});
test_conformance();
submit_form({
    email => $email,
    password => $ou->six_word_key(get_content() =~ $challenge, 'password'),
});
verify_form({
    current => '',
    new => '',
    confirm => '',
});
verify_text('You MUST re-initialize your one-time password now.');

#
# Test blank passphrase
#
verify_text($dual_challenge);
($old_seq, $old_seed, $new_seq, $new_seed) =
    get_content() =~ /$challenge.*$challenge/s;
$next_key = $ou->six_word_key($old_seq, $old_seed, 'password');
$new_key = $ou->six_word_key($new_seq, $new_seed, $ou->NULL_PASSPHRASE);
test_deviance('must set a passphrase');
submit_form({
    current => $next_key,
    new => $new_key,
    confirm => $new_key,
});